BGP OSPF Questions: Difference between revisions
→IPSEC
(→OSPF) |
(→IPSEC) |
||
Line 68:
Data | Original IP Header | ESP Header | New IP Header
*In Transport mode only the data is encrypted, and the original IP header is places in front of the ESP header.
|--Encrypted-----|
Data ------ | ESP Header | Original IP Header
*Encryption algo -DES,3DES,AES
Line 80 ⟶ 77:
Phase 2 - data is tranfered based on SA parameters exhange and keys stored in SA database.
Phase 1 - securty poiclies are negotiated,Diffe helman exchange ( used to genrate the preshared keys) ,authentication of remote peer
*Tranform sets-consist of encryption algo,authication algo,key length proposed.
Line 105 ⟶ 101:
*Protocol 51-AH traffic
*udp 500-ISKMP Traffic
*ISAKMP: Authenticates the peers, Determines if Authentication is preshared ot RSA-ecryption, and prepares the SA which includes group(length of key in Bits) and lifetime of the tunnel.
| |||